Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/16RekYYB91vJZbTgkJ5H10aylC8.roa
File: 16RekYYB91vJZbTgkJ5H10aylC8.roa (raw, json)
Hash identifier: v0g13kIMCvFJ90o9N7h7U3vLpiPusLPqJzjQZIJCi/0=
Subject key identifier: D7:A4:5E:91:86:01:F7:5B:C9:65:B4:E0:90:9E:47:D7:46:B2:94:2F
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 0184384711B8E504AA7EBC31671C54F6FA87
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/16RekYYB91vJZbTgkJ5H10aylC8.roa
Signing time: Wed 02 Nov 2022 12:18:12 +0000
ROA not before: Wed 02 Nov 2022 12:18:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57829
IP address blocks: 45.137.208.0/22 maxlen: 24
2a0b:fd82::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:38:47:11:b8:e5:04:aa:7e:bc:31:67:1c:54:f6:fa:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Nov 2 12:18:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7a45e918601f75bc965b4e0909e47d746b2942f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c6:cd:e9:cc:b5:49:58:61:82:40:c4:81:4a:
88:cb:ee:06:e8:8f:79:10:00:12:2b:05:a1:01:00:
e7:3e:29:36:04:9e:4c:63:2c:8a:bb:2c:2b:51:06:
85:3a:49:d7:0e:cd:e7:44:3e:41:55:f7:b9:a9:27:
77:08:fd:23:12:bd:4a:f9:52:59:e4:bc:57:e0:70:
40:e7:20:cc:33:8f:f0:94:4b:1e:67:f0:65:df:49:
17:e9:1a:d7:fc:8a:44:ba:1c:56:2e:3b:43:4a:4d:
44:3c:b1:04:26:c6:e2:6f:11:a7:20:d8:9a:ec:f7:
70:21:ca:64:6e:74:d3:7d:4e:cd:6e:12:d2:92:79:
b7:d9:e7:73:2b:c5:65:74:36:9b:cf:17:4f:b0:80:
e7:cc:2a:1b:04:d0:7c:e5:24:ab:8e:f2:74:bb:93:
45:02:ec:41:ea:90:f6:55:d4:68:bb:fd:85:f4:db:
d8:07:c2:f1:12:fc:1e:dc:60:a8:ec:6b:63:88:7c:
af:98:e2:97:c8:e0:f9:13:45:1d:94:01:2a:d2:17:
d2:49:29:ef:df:29:5b:0c:c4:ae:6f:ca:f1:c4:fc:
70:e9:30:49:41:85:43:e9:02:00:8b:5e:21:5c:6a:
e2:0b:6b:9b:44:ed:49:30:8a:17:e3:82:c7:c5:57:
07:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A4:5E:91:86:01:F7:5B:C9:65:B4:E0:90:9E:47:D7:46:B2:94:2F
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/16RekYYB91vJZbTgkJ5H10aylC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.208.0/22
IPv6:
2a0b:fd82::/32
Signature Algorithm: sha256WithRSAEncryption
04:f4:1b:9e:72:d1:16:60:c7:a3:7a:9a:5b:ae:43:04:e7:38:
f6:d9:5b:b6:16:bf:f2:59:a0:a0:26:f6:38:de:8a:fe:44:85:
1b:2b:a6:49:a7:1b:94:61:ac:9b:81:5a:a9:f9:76:23:51:b8:
c2:5b:73:be:73:cf:bb:f6:34:c4:80:d7:4c:0d:57:9e:0a:6c:
c3:d0:90:1c:43:b1:5c:2c:25:99:39:5e:a2:b3:36:d6:cd:2b:
67:93:1f:6c:7d:bf:ae:72:c9:f6:a7:23:d0:db:69:fa:a0:2d:
35:2f:b5:86:8a:d3:13:df:38:e9:ba:5d:67:3f:5f:3e:3c:85:
20:d5:5b:8f:22:2a:b1:37:e2:7e:99:d9:81:42:83:02:df:53:
03:04:21:46:8c:23:3a:3e:95:0f:cc:7c:7d:90:12:82:be:36:
5f:ba:64:a4:6a:09:2d:06:99:55:79:f1:df:88:c6:e1:65:07:
5a:5b:27:46:f1:67:58:80:92:e0:a5:73:0e:63:55:26:a0:4b:
ac:e1:98:84:13:7d:34:0b:c0:c2:e3:ee:7d:cd:19:47:96:da:
aa:5c:d5:fe:7c:da:72:5b:d0:dc:82:00:89:27:e9:b1:94:2d:
35:80:b9:7f:97:33:64:54:7b:5c:9f:91:ba:d2:8e:00:08:11:
b9:fa:b9:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQ4RxG45QSqfrwxZxxU9vqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjIxMTAyMTIxODEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2E0NWU5MTg2MDFmNzViYzk2NWI0ZTA5MDllNDdkNzQ2YjI5NDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocbN6cy1SVhhgkDEgUqIy+4G6I95
EAASKwWhAQDnPik2BJ5MYyyKuywrUQaFOknXDs3nRD5BVfe5qSd3CP0jEr1K+VJZ
5LxX4HBA5yDMM4/wlEseZ/Bl30kX6RrX/IpEuhxWLjtDSk1EPLEEJsbibxGnINia
7PdwIcpkbnTTfU7NbhLSknm32edzK8VldDabzxdPsIDnzCobBNB85SSrjvJ0u5NF
AuxB6pD2VdRou/2F9NvYB8LxEvwe3GCo7GtjiHyvmOKXyOD5E0UdlAEq0hfSSSnv
3ylbDMSub8rxxPxw6TBJQYVD6QIAi14hXGriC2ubRO1JMIoX44LHxVcHzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNekXpGGAfdbyWW04JCeR9dGspQvMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvMTZSZWtZWUI5MXZKWmJUZ2tKNUgxMGF5bEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYnQMA0E
AgACMAcDBQAqC/2CMA0GCSqGSIb3DQEBCwUAA4IBAQAE9BuectEWYMejeppbrkME
5zj22Vu2Fr/yWaCgJvY43or+RIUbK6ZJpxuUYaybgVqp+XYjUbjCW3O+c8+79jTE
gNdMDVeeCmzD0JAcQ7FcLCWZOV6iszbWzStnkx9sfb+ucsn2pyPQ22n6oC01L7WG
itMT3zjpul1nP18+PIUg1VuPIiqxN+J+mdmBQoMC31MDBCFGjCM6PpUPzHx9kBKC
vjZfumSkagktBplVefHfiMbhZQdaWydG8WdYgJLgpXMOY1UmoEus4ZiEE300C8DC
4+59zRlHltqqXNX+fNpyW9DcggCJJ+mxlC01gLl/lzNkVHtcn5G60o4ACBG5+rmO
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:49 2025 by rpki-client